14 matches found
CVE-2024-10197
CVE-2024-10197 affects code-projects Pharmacy Management System 1.0, specifically the Manage Supplier Page component. The vulnerability is a cross-site scripting flaw in the /manage_supplier.php file caused by unsafely handling the address parameter, which can be exploited remotely and for which ...
CVE-2024-10196
CVE-2024-10196 affects code-projects Pharmacy Management System 1.0. A vulnerability exists in the handling of the text parameter in the file /add_new_invoice.php, where improper input handling enables SQL injection. The issue may be exploited remotely and exploitation has been publicly disclosed...
CVE-2024-10140
CVE-2024-10140 affects code-projects’ Pharmacy Management System 1.0, with the vulnerability located in /manage_supplier.php. The flaw is an SQL injection caused by manipulating the id parameter, enabling remote exploitation. Public exploit details exist (e.g., a GitHub exploit ta...
CVE-2024-9976
CVE-2024-9976 affects code-projects Pharmacy Management System 1.0. The vulnerability is a SQL injection in the file /php/manage_customer.php?action=search (and related /php/manage_customer.php endpoints) caused by unsanitized input in the text parameter, exploitable remotely and publicly disclos...
CVE-2024-10023
CVE-2024-10023 affects code-projects Pharmacy Management System 1.0, with a SQL injection in /php/add_new_medicine.php triggered via the name/packing/generic_name/suppliers_name parameters. Documents indicate remote exploitation and public disclosure. Multiple sources (CNNVD, Red Hat, CVE list en...
CVE-2024-8366
CVE-2024-8366 affects code-projects Pharmacy Management System 1.0, specifically the Update My Profile Page component (/index.php?id=userProfileEdit). The vulnerability is a cross-site scripting flaw triggered by manipulating the fname, lname, or email parameters with malicious input (e.g., ). Th...
CVE-2024-10021
CVE-2024-10021 affects Code-Projects Pharmacy Management System 1.0. The vulnerability resides in /php/manage_purchase.php?action=search&tag=VOUCHER_NUMBER, where manipulating the tag parameter leads to SQL injection. Descriptions indicate the attack could be launched remotely and that the exploi...
CVE-2024-10022
The CVE-2024-10022 entry refers to code-projects Pharmacy Management System 1.0, with a SQL injection in /php/manage_supplier.php?action=search caused by unsafely handling the text parameter. A remote attacker can exploit this (publicly disclosed) to execute arbitrary SQL. Several connected sourc...
CVE-2024-10024
CVE-2024-10024 affects code-projects Pharmacy Management System 1.0. The vulnerability is a SQL injection in the file /php/manage_medicine_stock.php triggered by manipulation of the name/packing/generic_name/suppliers_name parameters, allowing remote exploitation. Exploitation details ...
CVE-2024-10137
CVE-2024-10137 affects Code-Projects Pharmacy Management System 1.0. The vulnerability is an SQL injection caused by manipulating the id parameter in the endpoint "/manage_medicine.php?action=delete". It may be exploitable remotely and has been described as critical in the initial report. Multipl...
CVE-2024-10138
CVE-2024-10138 affects code-projects Pharmacy Management System v1.0. The vulnerability is an SQL injection in the endpoint /add_new_purchase.php?action=is_supplier, triggered by manipulating the name/argument parameter. This allows remote exploitation and is described as a critical issue in mult...
CVE-2024-10139
CVE-2024-10139 affects code-projects Pharmacy Management System 1.0. The vulnerability is a SQL injection in the /add_new_supplier.php page, triggered by manipulation of the name parameter. The issue is exploitable remotely and an exploit has been disclosed publicly. Affected functionality is des...
CVE-2024-10136
CVE-2024-10136 affects code-projects Pharmacy Management System 1.0, with a vulnerability in /manage_invoice.php where the invoice_number parameter enables SQL injection. This is described as exploitable remotely and publicly disclosed. Connected sources corroborate an SQL injection fla...
CVE-2025-4888
CVE-2025-4888 affects Code-Projects Pharmacy Management System 1.0, specifically the function medicineType::take_order within the Add Order Details component. The issue enables a buffer overflow due to the described manipulation, with a local attack requirement. The vulnerability has been publicl...